[59094] in North American Network Operators' Group
Re: rr style scanning of non-customers
daemon@ATHENA.MIT.EDU (Sean Donelan)
Sun Jun 15 00:55:07 2003
Date: Sun, 15 Jun 2003 00:54:33 -0400 (EDT)
From: Sean Donelan <sean@donelan.com>
To: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.44.0306132230480.19805-100000@redhat1.mmaero.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Fri, 13 Jun 2003 jlewis@lewis.org wrote:
> The last time this topic came up, it was suggested by others that either
> trojan or virus software was installing/creating open proxies. I wrote
> that off as people being overly paranoid. I'm sorry to say that I now
> know this to be true and have seen many installations of at least one
> strain of such proxy software.
According to a study by America Online, 89% of the computers with
broadband connections are not safely configured. 91% of the computers had
what AOL categorized as spyware installed. In reality, the connection
method isn't the determining factor.
http://www.staysafeonline.info/press/060403.pdf
Although firewalls and anti-virus helps, it doesn't prevent a determined
user from infecting his own system. Honeypots and passive detection
systems aren't picking up the whole story. The user is an important
part of evaluating the security equation.
